I feel bad about asking a version of a question that has been asked a lot. I've read Graphene's documentation and now a very large number of discussions. At this point, I believe I simply don't understand the issues well enough to make an intelligent decision. I appreciate all advice/thoughts.
I recently bought a Pixel 8 to run using GOS. It's been no trouble getting it up and running, and I now I have a pretty good grasp of its basics. The thing that still confuses me is understanding the balance of privacy and/or security trade-offs to using the Play store vs the Aurora store, or another similar source.
The particular issue is this. I'm in Europe, and there are some banking and payment-related apps that I need to use in my country. There are also travel apps that make life a lot easier that are not open source. My understanding is that getting them from the Play store provides the best security, due to their verification system. But, because a google account is needed, one is associating a collection of some apps with an account.
I don't have a sense of how much of a fingerprint this leaves, since it seems to be possible to create an account with an alias, no phone number, via a VPN, etc. I've been getting what I can through Obtanium, but that won't take care of everything.
There is no threat profile of interest in my case. I'd just prefer not to give away my data within some reasonable limits. I was using an iphone, and I'm hoping to reduce my fingerprint from that. On the other hand, I very much do not want to increase my exposure to risk due to data leaking or being taken for banking apps. I suppose I worry some that not using the Play store would increase that exposure.
I feel as though I ought to understand this issue better, given all the reading I'm done...